I probably won't be doing any certs again this year. I'm having a hard enough time keeping up with college course load. I tried the e-Learn Security stuff, but the professional levels was over my head. maybe I'll go back and do the beginner level when I have time.

ajohnson wrote:We're study partners, btw. I'm not sure if Don told you, but that's part of the deal

Kidding, of course, but definitely hit me up if you want to bounce ideas around.

Did they make you pass the challenge in order to receive this prize? I just did it a few days ago and noticed it was significantly more difficult than it was a few years ago.

I haven't received the codes from Don yet. I guess I'll ping him in a few days if I haven't received it.

I've already completed the registration challenge (couldn't resist). I would assume you still need to complete the challenge to take the course though. When are you planning on taking it? I probably won't register until around mid-late January. Got a lot on my plate right now, but I'm definitely looking forward to the course

2012 has been very productive and hopefully 2013 is even better. I take my GCIH test later this month (wish me luck) and hope to knock out my Net+ before the end of the year.

My 2013 goals are to prepare for the OSCP. I hope that means a SANS 401 and GSEC at some point (funds and vacation time willing), going through the Ninja Sec course and lab, the Python Security course and of course the CEH just to be able to check the box.

I'm not sure if I'll be able to get myself to OSCP levels in 2013 but I'm going to try.

Not sure when the EH-sponsored WiFu class will begin but OSWP soonly (Thanks EH.net!)

GXPN next spring at SANS 2013 in Orlando assuming I get facilitator slot. Had to resign from STI program to qualify since they said I had to do all my Golds before I was eligible (4-5 Golds by March unlikely).

OSCP Summer/Fall 2013

Somewhere in there I may try to squeeze in Security-Tube SPSE although I've been debating going back for some remedial programming courses at my community college as well since my degree was a management degree and my code-fu is pretty weak. Then next Fall I'll probably do another SANS Va Beach and will be shooting either for the Defending Web Apps course or the new Advanced Web App Pentest course. In the meantime I have access to a crap-ton of SANS OnDemand courses I (work) just purchased to get our non-security staff trained up in security topics. I know several will probably go unused but I'll be more than happy to pick up the slack, will just have to pay to challenge certs.

Am probably going to wait another year for GSE. I could do the written test now, but my incident response skills have gotten a little rusty and I have some new hires in the next few months that will help me refocus away from the compliance and policy work I've been bogged down in lately.

shadowzero wrote:When are you planning on taking it? I probably won't register until around mid-late January.

I have 60 days of lab time starting in about a week. I'll hopefully have passed the exam by the time you get going, but feel free to hit me up regardless.

tturner wrote:Somewhere in there I may try to squeeze in Security-Tube SPSE although I've been debating going back for some remedial programming courses at my community college as well since my degree was a management degree and my code-fu is pretty weak.

Check out http://www.udacity.com/ Their courses will probably cover a lot of what you're looking for, and they're mostly (all?) in Python, so that will align with the SPSE nicely as well.

I'm not sure if I'll pursue any new certs in 2013. I'm trying for the CISSP in another week. For 2013, I need to decide whether to start grad school or focus on getting a new job. I'd also like to write a book which I can't do if I start grad school (no time).

Assuming I get a new gig, I may look at the CISA or CISM late in the year.

It depends on what work will pay for. I've been wanting to take the FOR610 SANS course and go for GREM. We will see, other options were the GCIH or maybe an architecture type cert like GCFW and take the SEC502 course. Again, all depends on what the company will pay for.